Tink · API Governance Rules

Tink API Rules

Spectral linting rules defining API design standards and conventions for Tink.

7 Rules error 3 warn 3 info 1
View Rules File View on GitHub

Rule Categories

tink

Rules

error
tink-paths-kebab-case
Tink path segments must be kebab-case (lowercase, hyphen-separated).
$.paths.*~
warn
tink-operation-summary-title-case
Tink operation summaries must use Title Case and begin with "Tink".
$.paths.*[get,post,put,patch,delete].summary
error
tink-operation-id-camel-case
operationId must be lowerCamelCase.
$.paths.*[get,post,put,patch,delete].operationId
warn
tink-error-schema-reused
4xx and 5xx responses must reuse the shared Error schema component.
$.paths.*[get,post,put,patch,delete].responses[?(@property.match(/^(4|5)\d{2}$/))]
warn
tink-bearer-auth-required
Bearer authentication must be declared on every non-oauth endpoint.
$.paths[?([email protected](/oauth/))].*.security
error
tink-server-url-required
Tink specs must list https://api.tink.com as a production server.
$.servers[*].url
info
tink-iso-currency
Currency fields must reference a string named currencyCode or currency.
$.components.schemas..properties.[currency,currencyCode].type

Spectral Ruleset

Raw ↑ 
extends:
  - spectral:oas
rules:
  # OpenAPI 3.1 enforced across Tink specs.
  oas3-api-servers: error
  # Tink uses kebab-case for path segments.
  tink-paths-kebab-case:
    description: Tink path segments must be kebab-case (lowercase, hyphen-separated).
    severity: error
    given: $.paths.*~
    then:
      function: pattern
      functionOptions:
        match: '^(/[a-z0-9-]+(/\{[a-zA-Z0-9_]+\})?(:[a-z-]+)?)+$'
  # Tink operations must be summarised in Title Case starting with "Tink".
  tink-operation-summary-title-case:
    description: Tink operation summaries must use Title Case and begin with "Tink".
    severity: warn
    given: $.paths.*[get,post,put,patch,delete].summary
    then:
      function: pattern
      functionOptions:
        match: '^Tink [A-Z]'
  # Every operation must declare an operationId in camelCase.
  tink-operation-id-camel-case:
    description: operationId must be lowerCamelCase.
    severity: error
    given: $.paths.*[get,post,put,patch,delete].operationId
    then:
      function: pattern
      functionOptions:
        match: '^[a-z][a-zA-Z0-9]*$'
  # All error responses must reference the Error schema.
  tink-error-schema-reused:
    description: 4xx and 5xx responses must reuse the shared Error schema component.
    severity: warn
    given: $.paths.*[get,post,put,patch,delete].responses[?(@property.match(/^(4|5)\d{2}$/))]
    then:
      field: content.application/json.schema.$ref
      function: truthy
  # Tink requires Bearer authentication on every non-token endpoint.
  tink-bearer-auth-required:
    description: Bearer authentication must be declared on every non-oauth endpoint.
    severity: warn
    given: $.paths[?([email protected](/oauth/))].*.security
    then:
      function: truthy
  # Every API must declare https://api.tink.com (EU) as a server URL.
  tink-server-url-required:
    description: Tink specs must list https://api.tink.com as a production server.
    severity: error
    given: $.servers[*].url
    then:
      function: pattern
      functionOptions:
        match: '^https://api\.(us\.)?tink\.com$'
  # Money uses ISO 4217 currency codes.
  tink-iso-currency:
    description: Currency fields must reference a string named currencyCode or currency.
    severity: info
    given: $.components.schemas..properties.[currency,currencyCode].type
    then:
      function: enumeration
      functionOptions:
        values: [string]